Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes

Announcement ID:	SUSE-SU-2025:4479-1
Release Date:	2025-12-18T12:15:07Z
Rating:	moderate
References:	bsc#1237060 bsc#1241455 bsc#1250911 bsc#1251864 bsc#1253024 jsc#MSQA-1039
Cross-References:	CVE-2025-11065 CVE-2025-47911 CVE-2025-58190 CVE-2025-62348 CVE-2025-62349 CVE-2025-64751
CVSS scores:	CVE-2025-11065 ( SUSE ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVE-2025-11065 ( SUSE ): 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N CVE-2025-47911 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-47911 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-58190 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-58190 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-62348 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-62348 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-62349 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N CVE-2025-62349 ( SUSE ): 6.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L CVE-2025-64751 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N CVE-2025-64751 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N CVE-2025-64751 ( NVD ): 5.8 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Affected Products:	openSUSE Leap 15.4 SUSE Manager Proxy 4.3 SUSE Manager Proxy 4.3 LTS SUSE Manager Retail Branch Server 4.3 SUSE Manager Retail Branch Server 4.3 LTS SUSE Manager Server 4.3 SUSE Manager Server 4.3 LTS

An update that solves six vulnerabilities and contains one feature can now be installed.

Recommended update 4.3.16.2 Unscheduled for Multi-Linux Manager Proxy and Retail Branch Server LTS

Description:

This update fixes the following issues:

release-notes-susemanager-proxy:

Update to SUSE Manager 4.3.16.2

Security update 4.3.16.2 for Multi-Linux Manager Server LTS

Description:

This update fixes the following issues:

release-notes-susemanager:

Update to SUSE Manager 4.3.16.2
SUSE Linux Enterprise Server 15 SP6 LTSS channels enabled
CVEs Fixed: CVE-2025-11065, CVE-2025-64751, CCVE-2025-47911, CVE-2025-58190 CVE-2025-62349, CVE-2025-62348
Bugs mentioned: bsc#1237060, bsc#1241455, bsc#1250911, bsc#1251864, bsc#1253024

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

SUSE Manager Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4479=1
openSUSE Leap 15.4
zypper in -t patch SUSE-2025-4479=1
SUSE Manager Proxy 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4479=1
SUSE Manager Retail Branch Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-LTS-2025-4479=1

Package List:

SUSE Manager Server 4.3 LTS (noarch)
- release-notes-susemanager-4.3.16.2-150400.3.148.1
openSUSE Leap 15.4 (noarch)
- release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2
- release-notes-susemanager-4.3.16.2-150400.3.148.1
SUSE Manager Proxy 4.3 LTS (noarch)
- release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2
SUSE Manager Retail Branch Server 4.3 LTS (noarch)
- release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2

Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes

Recommended update 4.3.16.2 Unscheduled for Multi-Linux Manager Proxy and Retail Branch Server LTS

Description:

Security update 4.3.16.2 for Multi-Linux Manager Server LTS

Description:

Patch Instructions:

Package List:

References: